Securing Broadband Subscriptions on SaaS with OAuth2.0 in REST API
DOI:
https://doi.org/10.63282/3050-9262.IJAIDSML-V6I4P113
Keywords:
OAuth 2.0, REST API Security, SaaS Security, Broadband Service Providers (BSPs), Token-Based Authentication, Access Control, OSS/BSS Integration, Cloud-Native Architecture, PII Protection, Secure Data Transport
Abstract
The rapid evolution of cloud-native technologies such as Software as a Service (SaaS) has transformed the landscape for Broadband Service Providers (BSPs), enabling the delivery of subscriber services with high scalability and efficiency. Initially, the adoption of such platforms was driven by the aim of simplifying workflows and increasing usability for BSP operational teams. Over time, however, both BSPs and their associated Operations Support Systems (OSS) and Business Support Systems (BSS) have become increasingly reliant on these cloud-based solutions. This has resulted in the accumulation and management of large quantities of sensitive data, including personally identifiable information (PII), as well as critical internet and voice service records for individual subscribers. Basic authentication typically involved the exchange of a simple username and password, which were stored in databases. Basic authentication proved inadequate in securing sensitive information against evolving security threats. As regulatory requirements and industry standards have grown more stringent, BSPs have been compelled to transition to more robust authentication frameworks. OAuth 2.0 has emerged as the industry standard for secure data transport, offering enhanced protection through token-based authentication and granular access controls.